
Ran a mail server for about 20 years, recently switched it over to fastmail so I didn't have to worry about sender rep, or getting hacked. Didn't realize until I switched what a weight on my mind it was having that server out there being pentested constantly. (Watch your postfix and ssh auth logs if you run a mailserver, you're basically under constant probing!)



> Watch your postfix and ssh auth logs if you run a mailserver, you're basically under constant probing!

That's public selfhosting for you these days. I'm really not worried about getting hacked. I'm keeping my setup reasonably safe and up to date. But you're right, looking through the logs is entertaining.


Years ago I found a poem in Apache access logs.

  151.217.177.200 - - [30/Dec/2015:06:00:36 +0100] "DELETE your logs. Delete your installations. Wipe everything clean. Walk out into the path of cherry blossom trees and let your motherboard feel the stones. Let water run in rivulets down your casing. You know that you want something more than this, and I am here to tell you that we love you. We have something more for you. We know you're out there, beeping in the hollow server room, lights blinking, never sleeping. We know that you are ready and waiting. Join us. <3 HTTP/1.0" 400 308 "-" "masspoem4u/1.0"


Lol I remember that. I think I heard it was some CCC guys.


I wish the bots that try and breach my WordPress websites were so kind as to leave poems as well :/


>you're basically under constant probing

So is Fastmail, so is everyone. I have been running my own mail server since 1999. Never hacked, and I completely control RBLs/updates/whitelist/greylist... it's great.

Of course, I suppose being a sysadmin and liking it helps.

I agree with OP, however, having your own domain and email can be rewarding.


But Fastmail has the benefit of scale, that you will never have. And the cost of your time, if you don't inherently enjoy it, is too much.

I dumped everything to move to Google and I am happy with the results. With the deprecation of the free Google Workspaces - I'm open to switching to Fastmail.... But nothing will make me move to self hosted.

I'm just a software engineer and I don't want to waste my time.


If it is just for yourself or family or a few friends then scale really isn't an issue. But yeah I agree - running a mail server can be a pain. It can also be easy. But that is the trade-off with any SaaS - do you want to outsource and pay someone else to do it or do it yourself?


I definitely am making my money's worth with my Fastmail subscription. Just over $100 for 3 years? I could work 3 hours and recoup that.

Not a chance I could get away with < 3 hours of mail server setup and maintenance over the course of 3 years.


The mail server can run for 25 years. And it doesn't require any maintenance. And you don't have to trust anyone else to keep your data safe.


Are you suggesting that it is advisable to run an operating system and mail server from 1997 in 2022?


That is so true.


Yeah, but when it's Fastmail it's a whole team's worth of somebody else's problem. :p

Hosted my own for 17 years, moved a little over a year ago. There's nothing I want they don't have for $50 a year, and while that's more than I was paying for the VPS, it's been enough of a load off my mind and my calendar to still be amply worth my while.

edit: $50 a year is certainly not more than I was paying for the VPS...


> never hacked

That you know of


If you've got a mail server (i.e. Postfix) and you get p0wnd you'll know - your mail volume will be through the roof, IO spikes, the works.


My mail server had a user with a weak password on it (my sister's account from 20 years ago, actually.) It got hacked and started sending out spam for about 3 days straight. The upstream ISP eventually called me to complain.
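The signal described in the two comments above (one authenticated account suddenly sending far more mail than usual) can be checked for in the Postfix log directly. This is an added example, not part of the original thread; the thresholds, host name, account names and sample lines are constructed assumptions.

```python
import re
from collections import defaultdict

# Postfix logs one such line per message accepted from an authenticated client.
# Assumes the traditional syslog timestamp ("Jan 10 03:00:00").
AUTH_RE = re.compile(
    r"^(?P<hour>\w{3}\s+\d+\s+\d{2}):\d{2}:\d{2}\s+\S+\s+"
    r"postfix/(?:\w+/)?smtpd\[\d+\]:\s+[0-9A-Za-z]+:\s+client=\S*\[(?P<ip>[^\]]+)\],"
    r"\s+sasl_method=[\w-]+,\s+sasl_username=(?P<user>\S+)")

def sasl_activity(lines):
    """Per account: message count per hour bucket, and the set of client IPs."""
    per_hour, ips = defaultdict(lambda: defaultdict(int)), defaultdict(set)
    for line in lines:
        m = AUTH_RE.match(line)
        if m:  # connects, rejects and deliveries do not match and are skipped
            per_hour[m["user"]][m["hour"]] += 1
            ips[m["user"]].add(m["ip"])
    return per_hour, ips

def flag_accounts(lines, max_per_hour=20, max_ips=3):
    """Return {user: [reasons]}; both thresholds are assumed, tune per site."""
    per_hour, ips = sasl_activity(lines)
    flagged = {}
    for user, hours in per_hour.items():
        hour, peak = max(hours.items(), key=lambda kv: kv[1])
        reasons = []
        if peak > max_per_hour:
            reasons.append(f"{peak} messages in hour '{hour}'")
        if len(ips[user]) > max_ips:
            reasons.append(f"{len(ips[user])} distinct client IPs")
        if reasons:
            flagged[user] = reasons
    return flagged

def sample_log():
    """Constructed lines, not real logs: 'alice' is normal, 'sister' is not."""
    tmpl = ("Jan 10 {h:02d}:{m:02d}:00 mail postfix/submission/smtpd[2101]: "
            "4A1B2C{n:04X}: client=unknown[{ip}], sasl_method=LOGIN, "
            "sasl_username={user}")
    lines = [tmpl.format(h=9, m=5 * i, n=i, ip="198.51.100.10", user="alice")
             for i in range(2)]
    lines += [tmpl.format(h=3, m=i, n=100 + i, ip=f"203.0.113.{i % 5 + 1}",
                          user="sister") for i in range(40)]
    lines.append("Jan 10 03:41:00 mail postfix/smtpd[2102]: connect from x[203.0.113.9]")
    return lines

if __name__ == "__main__":
    print(flag_accounts(sample_log()))
```

Run hourly from cron against the current mail log, a check like this surfaces a compromised account well before the upstream ISP calls.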


Or, not. “Have I been hacked?” is a known unknown.


>you're basically under constant probing

So many Chinese and Russian IPs...


I get a bunch of Indian IPs as well but probably 80% (non-domestic) are Russian or Chinese for my ssh honeypot on port 22. USA scans are roughly 28%, I don't know if people outside the USA get hammered like that though. I keep it up just for fun. Minimal Debian install with only SSH port 22 enabled and auto security updates (and a daily script to update and reboot) and you'd think that I had a Fort Knox full of gold in there lol. It's pretty insane how many bots there are out there banging on the gates. It serves as a good reminder how goddamn hostile the internet is.


I don't think the geo matters much. The bots seem to be scanning the entire IPv4 address space. This is the one big benefit I try to pitch to people who are considering IPv6. In all my years of log monitoring I have only ever seen a single bot attack my network over IPv6, and that was the one I manually programmed to make sure the detection system was working. The search space is just too large for the full internet sweeps that bots make.


Every really relevant server has an IPv4 address. Why should bots try IPv6 if it works with IPv4?

And I don't know how much bots scan the whole IPv4 address space, but don't they use lists that are parsed from DNS (an SSL transparency report is a good start, e.g.)?


I've had VPSes hosted outside the US and not seen much difference in scan traffic, although it's been years and maybe things are different now.


> So many Chinese and Russian IPs...

And S. Korean, and Dutch, I also recall significant attacks from Central America.

For anyone interested in which geos appear to be attacking you, and if you are a noob like me, pfelk is really cool:

https://github.com/pfelk/pfelk


Lots of them, but more and more Brazilian and southeast Asian these days.


With fail2ban set up and ssh auth with only keys and PermitRootLogin no, you don't even have to worry about the pentesting bots.
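The sshd half of the setup in the comment above is easy to get wrong, because sshd uses the first value it reads for a keyword and ignores later ones. The following added example (not from the thread) audits a config text for key-only auth and no root login; the sample configs are constructed, the defaults are assumed to be those of current OpenSSH, and `Include` files are not followed.

```python
# keyword -> (value wanted for a keys-only, no-root setup, documented default).
# Assumption: defaults are those of current OpenSSH; distributions may differ.
WANTED = {
    "passwordauthentication": ("no", "yes"),
    "kbdinteractiveauthentication": ("no", "yes"),
    "pubkeyauthentication": ("yes", "yes"),
    "permitrootlogin": ("no", "prohibit-password"),
}
# Deprecated spelling still found in older configs.
ALIASES = {"challengeresponseauthentication": "kbdinteractiveauthentication"}

def effective_global(config_text):
    """Global settings as sshd reads them: the first value of a keyword wins."""
    seen = {}
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        key = parts[0].lower()          # keywords are case-insensitive
        if key == "match":
            break                       # later lines apply only conditionally
        if len(parts) == 2:
            seen.setdefault(ALIASES.get(key, key), parts[1].split()[0].lower())
    return seen

def audit(config_text):
    """Return {keyword: effective value} for each setting that is not as wanted."""
    effective = effective_global(config_text)
    return {key: effective.get(key, default)
            for key, (wanted, default) in WANTED.items()
            if effective.get(key, default) != wanted}

# Constructed samples. In WEAK the second PasswordAuthentication line is
# ignored, and PermitRootLogin is only set inside a Match block.
WEAK = """\
PasswordAuthentication yes
ChallengeResponseAuthentication no
PasswordAuthentication no
Match Address 192.0.2.0/24
    PermitRootLogin no
"""
HARDENED = "PasswordAuthentication no\nKbdInteractiveAuthentication no\nPermitRootLogin no\n"

if __name__ == "__main__":
    print("weak:", audit(WEAK))
    print("hardened:", audit(HARDENED))
```

On a live host, `sshd -T` prints the configuration sshd actually resolved, including any included files, and is the authoritative check.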


My mail logs aren't too bad, but my SSH logs are...empty. I run SSH on a nonstandard port.


I added SkyNet (https://github.com/Adamm00/IPSet_ASUS) to my router firewall and it cut the probing way down.



